Encrypt session ID


We would like to implement a bearer authentification mechanism between prodigy and our backend.

Question 1: Can prodigy make a request to an API based on a session id?

We would like to implement a secret key between the two and pass an encrypted session param.

For example the raw session param could be:

  userId: 1234,
  organisations: [1,2,3],
  projects: [1,2,3,4,5]

Becoming ASDL;FJO;IAWE932523NDLKF;AJ;DFIOS once encrypted by our backend.

The encryption would be injected as a session id in prodigy url https://prodigy.prod.com/?session=ASDL;FJO;IAWE932523NDLKF;AJ;DFIOS

Prodigy can then decrypt it and get session context for the task router.

This will allow us to make the prodigy url public.

Question 2: Would that be possible?

hi @SiteAssist,

Prodigy does not have built-in functionality to make requests to an API based on a session ID. However, you can implement this functionality in your backend and use Prodigy's custom recipe to try it.

You can create a custom recipe in Prodigy that sends the session ID as a parameter in the request to your backend API. You can try get_session_name to get the session ID.

Yes, that seems possible. However, there may be tradeoffs or other alternatives.

One downside I see of this is you can't provide your session names in advance using PRODIGY_ALLOWED_SESSIONS. Without it, Prodigy will only become aware of a user session when it starts annotating which can lead to uneven task distribution. This effect is explained in the docs section on session creation below.

One point that's worth noting is we're working on a plugin for Single-Sign-On following the OpenID Connect Authorization Code Flow standard. This will support any OIDC identity provider (e.g. Auth0, Microsoft Entra (formerly Active Directory). I don't have an exact date on when we'll release this but we've been testing. Also, this will likely only be provided as an add-in for company licenses, not personal licenses.

After the holidays (we have a few teammates out this week), I can ask a few teammates on their thoughts.